Board & Advisory Services

Cybersecurity Governance
for Board-Level Accountability

10 years building compliance programs that pass audits, close regulated enterprise deals, and hold up under investor and agency scrutiny. Available for advisory board roles at companies in regulated markets.

CISSP CISM CRISC (April 2026) SOC 2 · SOX · CJIS · AI Governance
Get in Touch View One-Pager
Cody Keller
What I Bring

The Bridge Between Technical Risk
and Executive Fiduciary Duty

Most advisory boards lack a practitioner who can sit in a technical review at 9am and translate those findings into board-level language by noon. That gap is where breaches and compliance failures live.

Audit & Risk Oversight

Built and operated SOC 2 Type 2, SOX ITGC, CJIS, HIPAA, and TX-RAMP programs at a $400M Nasdaq-listed company — zero exceptions across all engagements. Advise on what auditors actually look for and where companies are exposed.

AI & Data Governance

Designed an enterprise AI governance framework (ISO/IEC 42001 reference) enabling secure GenAI adoption across 350+ employees — including DLP controls, shadow AI detection, and responsible use policy. Boards need this fluency as regulators catch up.

Compliance as Revenue Enabler

Reduced customer security questionnaire response time from two weeks to three days. Cut vendor review turnaround by ~50%. Security posture that accelerates enterprise deal closure in regulated markets — not security as a tax.

GovTech & Law Enforcement Data

Active CJIS clearance. Experienced navigating multi-state CTA relationships, NCIC Hotlist governance, and ORI coordination. Rare in commercial security advisory roles, and directly relevant for companies selling into public safety or justice markets.

How This Works

What an Engagement Looks Like

01

Initial Conversation

We discuss your current security posture, compliance obligations, and where you need board-level coverage. No pitch deck — just a direct assessment of fit.

02

Defined Scope

Advisory board engagements are defined upfront — meeting cadence, focus areas (audit committee, risk oversight, compliance readiness), and time commitment.

03

Ongoing Oversight

Quarterly board participation, async availability for compliance questions, and direct access for your security team on program-level decisions between meetings.

Credentials

Certifications & Background

  • CISSP — Certified Information Systems Security Professional (ISC)² · ID: 797229
  • CISM — Certified Information Security Manager ISACA · ID: 1390053
  • CRISC — Certified in Risk and Information Systems Control ISACA · Testing April 2026
  • CompTIA Security+ ID: COMP001020948034
  • B.S. Business Administration California State University, Chico
Publications

Published Work

The Parent's Guide to Online Safety
A comprehensive guide to protecting children in the digital age. Available on Amazon.
CISSP Pocket Guide
A travel-study companion for the Certified Information Systems Security Professional exam.
The CISM Ascent
CISM exam preparation resource published on ckcybersecurity.com.
Ideal Fit

Who This Is For

I'm selective about advisory engagements. The companies that benefit most share a few common characteristics.

🏙

Public Safety & GovTech

Companies selling into law enforcement, 911 infrastructure, or government agencies where CJIS, FedRAMP, or TX-RAMP compliance is a deal blocker or contract requirement.

🤖

AI & Emerging Technology

Companies building or deploying AI products where governance, data privacy, and responsible use frameworks are increasingly expected by enterprise buyers, regulators, and investors.

📈

Series B–C in Regulated Markets

Companies where compliance maturity is actively blocking enterprise deals or investor due diligence — and where a credible security voice on the board changes the conversation.

Let's Have a Direct Conversation

If your company is navigating compliance complexity, preparing for an enterprise audit, or building a board with genuine security oversight — reach out. I'll tell you quickly whether it's a fit.

Email Cody Connect on LinkedIn View One-Pager Download PDF
Cody Keller · CISSP, CISM · Concord, CA · LinkedIn · GitHub ·